Design/Logic Flaw

2019-12-3116:15:00

PRIOn knowledge base

www.prio-n.com

0.003 Low

EPSS

Percentile

69.2%

GeniXCMS 1.1.5 has XSS via the dbuser or dbhost parameter during step 1 of installation.

CPENameOperatorVersion
genixcmseq1.1.5

CPE	Name	Operator	Version
	genixcms	eq	1.1.5

References

packetstormsecurity.com/files/151006/GeniXCMS-1.1.5-Cross-Site-Scripting.html

github.com/semplon/GeniXCMS/issues/88

0.003 Low

EPSS

Percentile

69.2%

Related for PRION:CVE-2018-14476